From be69044921373b980e4ab86f44e372549f9ce166 Mon Sep 17 00:00:00 2001
From: MichaelFisher1997 <contact@michaelfisher.tech>
Date: Sun, 1 Mar 2026 03:13:33 +0000
Subject: [PATCH] fix: deploy CCM via kubectl to avoid remote python kubernetes
 dependency

---
 ansible/roles/ccm/tasks/main.yml | 27 ++++++++++-----------------
 1 file changed, 10 insertions(+), 17 deletions(-)

diff --git a/ansible/roles/ccm/tasks/main.yml b/ansible/roles/ccm/tasks/main.yml
index 63b4ca8..9c41163 100644
--- a/ansible/roles/ccm/tasks/main.yml
+++ b/ansible/roles/ccm/tasks/main.yml
@@ -11,30 +11,23 @@
   changed_when: true
 
 - name: Create Hetzner cloud secret
-  kubernetes.core.k8s:
-    state: present
-    definition:
-      apiVersion: v1
-      kind: Secret
-      metadata:
-        name: hcloud
-        namespace: hetzner-cloud-system
-      stringData:
-        token: "{{ hcloud_token }}"
-        network: "{{ cluster_name }}-network"
+  shell: |
+    kubectl -n hetzner-cloud-system create secret generic hcloud \
+      --from-literal=token='{{ hcloud_token }}' \
+      --from-literal=network='{{ cluster_name }}-network' \
+      --dry-run=client -o yaml | kubectl apply -f -
   no_log: true
   when: hcloud_token is defined
+  changed_when: true
 
 - name: Deploy Hetzner CCM
-  kubernetes.core.k8s:
-    state: present
-    src: "{{ item }}"
-  loop:
-    - https://raw.githubusercontent.com/hetznercloud/hcloud-cloud-controller-manager/main/deploy/ccm-networks.yaml
-  when: ccm_namespace.rc != 0
+  command: kubectl apply -f https://raw.githubusercontent.com/hetznercloud/hcloud-cloud-controller-manager/main/deploy/ccm-networks.yaml
+  changed_when: true
 
 - name: Wait for CCM pods to be ready
   command: kubectl rollout status deployment/hcloud-cloud-controller-manager -n hetzner-cloud-system
+  register: ccm_rollout
+  until: ccm_rollout.rc == 0
   changed_when: false
   retries: 30
   delay: 10